General
-
Target
Meteorite_0.3.0_x64_en-US.msi
-
Size
5.6MB
-
Sample
240921-vgn28stckl
-
MD5
196f000d6929e1ce6f79e581fec37e2c
-
SHA1
8e904fd9477ffa493acfe0631c249002944c0e88
-
SHA256
828d5c8ff19fb394f8444acfdb6dfd4030a0d3122cce2272452e34f5393f4972
-
SHA512
1b4b643a26f34e7cc48407f9fc9a07f1705e93d7c7f7a5a421f8861a8a3971c15931a7ee091e4aef37fb3a606b5656843d081b0e8fca8ae046d81f52abb5bd42
-
SSDEEP
98304:zllounibAOzWM+JczBnjAt2hxiS0gCMjiZJqrtqa4TAKlGyA08dysDdkSbTry:rodh1FnOSnOZJGtZ4kK6ZQidkSb
Static task
static1
Behavioral task
behavioral1
Sample
Meteorite_0.3.0_x64_en-US.msi
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Meteorite_0.3.0_x64_en-US.msi
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
Meteorite_0.3.0_x64_en-US.msi
-
Score
6/10
-
Downloads MZ/PE file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Event Triggered Execution: Image File Execution Options Injection
-
Drops file in System32 directory
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
MITRE ATT&CK Enterprise v15
Persistence
Event Triggered Execution (3)
Component Object Model Hijacking (1)
Image File Execution Options Injection (1)
Installer Packages (1)
Privilege Escalation
Event Triggered Execution (3)
Component Object Model Hijacking (1)
Image File Execution Options Injection (1)
Installer Packages (1)